From cb78e40afec695ecc06e405e6970ae2a4bf2fb6d Mon Sep 17 00:00:00 2001 From: Hugo Osvaldo Barrera Date: Mon, 6 Dec 2021 21:48:10 +0100 Subject: skype: Create and whitelist config dir Without this, Skype's session isn't retained. --- etc/profile-m-z/skypeforlinux.profile | 3 +++ 1 file changed, 3 insertions(+) (limited to 'etc/profile-m-z/skypeforlinux.profile') diff --git a/etc/profile-m-z/skypeforlinux.profile b/etc/profile-m-z/skypeforlinux.profile index ed04eda8e..0abd03c77 100644 --- a/etc/profile-m-z/skypeforlinux.profile +++ b/etc/profile-m-z/skypeforlinux.profile @@ -23,6 +23,9 @@ ignore noexec /tmp noblacklist ${HOME}/.config/skypeforlinux +mkdir ${HOME}/.config/skypeforlinux +whitelist ${HOME}/.config/skypeforlinux + # private-dev - needs /dev/disk # Redirect -- cgit v1.2.3-70-g09d2 From debfef929d20809e61130ef360d6e89cfbd19991 Mon Sep 17 00:00:00 2001 From: Hugo Osvaldo Barrera Date: Mon, 6 Dec 2021 21:47:07 +0100 Subject: skype: Harden D-Bus profile Tested these settings and they work fine, including a test call. I can't explain why, but if the `org.kde.StatusNotifierWatcher` entry is removed, Skype will immediately log out the previous session when started. --- etc/profile-m-z/skypeforlinux.profile | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'etc/profile-m-z/skypeforlinux.profile') diff --git a/etc/profile-m-z/skypeforlinux.profile b/etc/profile-m-z/skypeforlinux.profile index 0abd03c77..3ddebb765 100644 --- a/etc/profile-m-z/skypeforlinux.profile +++ b/etc/profile-m-z/skypeforlinux.profile @@ -14,8 +14,8 @@ ignore include whitelist-var-common.inc ignore nou2f ignore novideo ignore private-dev + ignore dbus-user none -ignore dbus-system none # breaks Skype ignore apparmor @@ -28,5 +28,11 @@ whitelist ${HOME}/.config/skypeforlinux # private-dev - needs /dev/disk +dbus-user filter +dbus-user.talk org.freedesktop.Notifications +dbus-user.talk org.freedesktop.secrets +# Note: Skype will log out the current session on start-up without this: +dbus-user.talk org.kde.StatusNotifierWatcher + # Redirect include electron.profile -- cgit v1.2.3-70-g09d2